| CVE-2023-38497 |
high |
— |
8.0 |
|
|
|
3y ago |
RHSA-2023:4635: rust-toolset:rhel8 security update (Important) |
| CVE-2023-40030 |
unknown |
— |
— |
|
|
|
3y ago |
Cargo downloads a Rust project’s dependencies and compiles the project. Starting in Rust 1.60.0 and prior to 1.72, Cargo did not escape Cargo feature names when including them in the report generated… |
| CVE-2022-46176 |
unknown |
— |
— |
|
|
|
3y ago |
Cargo is a Rust package manager. The Rust Security Response WG was notified that Cargo did not perform SSH host key verification when cloning indexes and dependencies via SSH. An attacker could explo… |
| CVE-2022-36113 |
unknown |
— |
— |
|
|
|
4y ago |
Cargo is a package manager for the rust programming language. After a package is downloaded, Cargo extracts its source code in the ~/.cargo folder on disk, making it available to the Rust projects it… |
| CVE-2022-36114 |
unknown |
— |
— |
|
|
|
4y ago |
Cargo is a package manager for the rust programming language. It was discovered that Cargo did not limit the amount of data extracted from compressed archives. An attacker could upload to an alternat… |